172 matches found
CVE-2020-0789
A denial of service vulnerability exists when the Visual Studio Extension Installer Service improperly handles hard links, aka 'Visual Studio Extension Installer Service Denial of Service Vulnerability'...
CVE-2020-0789
CVE-2020-0789 concerns a denial-of-service flaw in the Visual Studio Extension Installer Service due to improper handling of hard links. The vulnerability affects Microsoft Visual Studio-related components and could allow a local attacker to cause the target system to stop responding (DoS) and, p...
CVE-2020-0773
An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows ActiveX Installer Service Elevation of Privilege Vulnerability'. Thi...
CVE-2020-0770
An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows ActiveX Installer Service Elevation of Privilege Vulnerability'. Thi...
CVE-2020-0770
CVE-2020-0770 is an elevation of privilege vulnerability in the Windows ActiveX Installer Service caused by improper handling of memory. The CNVD entry confirms the syndrome but provides no versioned product scope or patch details. Public documents indicate that exploitation requires local execut...
Microsoft Windows/Windows Server ActiveX Installer Service elevation of privilege vulnerability (CNVD-2020-17181)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is a set of operating systems for use on personal devices.Microsoft Windows Server is a set of server operating systems. An elevation of privilege vulnerability exists in Microsoft...
Microsoft Windows ActiveX Installer Service Privilege Vulnerability
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. ActiveX Installer Service is one of the ActiveX installer services. A privilege extraction...
Microsoft Visual Studio Extension Installer Service Denial of Service Vulnerability
Microsoft Visual Studio is a family of development tool suites from Microsoft and a largely complete set of development tools that includes most of the tools needed throughout the software lifecycle. A denial of service vulnerability exists in the Microsoft Visual Studio Extension Installer...
Visual Studio Extension Installer Service Denial of Service Vulnerability
A denial of service vulnerability exists when the Visual Studio Extension Installer Service improperly handles hard links. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an...
KB4540670: Windows 10 Version 1607 and Windows Server 2016 March 2020 Security Update
The remote Windows host is missing security update 4540670. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when the Windows Device Setup Manager improperly handles file operations. An attacker who successfully exploited this vulnerability...
CVE-2020-0728
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'...
Information disclosure
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'...
CVE-2020-0728
CNVD-2020-10129 and related OpenVAS entries describe CVE-2020-0728 as an information disclosure vulnerability in Microsoft Windows, specifically involving the Windows Modules Installer Service. The root cause is improper disclosure of file information by the service, enabling an attacker to view ...
Windows Modules Installer Service Information Disclosure Vulnerability
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information. Successful exploitation of the vulnerability could allow the attacker to read any file on the file system. To exploit the vulnerability, an attacker would have to log onto an affected...
CVE-2019-2218
In createSessionInternal of PackageInstallerService.java, there is a possible improper permission grant due to a missing permission check. This could lead to local escalation of privilege by installing malicious packages with User execution privileges needed. User interaction is not needed for...
CVE-2019-1382
An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to files without proper authentication, aka 'Microsoft ActiveX Installer Service Elevation of Privilege Vulnerability'...
Information disclosure
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'...
CVE-2019-1418
The CVE-2019-1418 entry describes an information-disclosure vulnerability in Windows where the Windows Modules Installer Service improperly discloses file information. The affected component is the Windows Modules Installer Service; the underlying issue is an information disclosure vulnerability ...
Microsoft ActiveX Installer Service CVE-2019-1382 Local Privilege Escalation Vulnerability
Description Microsoft ActiveX Installer Service is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based...
KB4524570: Windows 10 Version 1903 and Windows 10 Version 1909 November 2019 Security Update
The remote Windows host is missing security update 4524570. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability...